Mateusz 935 created 30 December 2014

Hello. Could someone check the logs?

OTL: [spoiler][log]OTL logfile created on: 2014-12-30 15:22:19 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mateusz\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16428) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1014,43 Mb Total Physical Memory | 123,40 Mb Available Physical Memory | 12,16% Memory free 1,99 Gb Paging File | 0,95 Gb Available in Paging File | 47,79% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 71,04 Gb Total Space | 52,72 Gb Free Space | 74,20% Space Free | Partition Type: NTFS Drive D: | 72,00 Gb Total Space | 35,24 Gb Free Space | 48,94% Space Free | Partition Type: NTFS Computer Name: N110 | User Name: Mateusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ========== PRC - [2014-12-19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2014-12-18 09:54:30 | 003,432,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgidsagent.exe PRC - [2014-12-18 09:51:14 | 003,667,472 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgui.exe PRC - [2014-12-18 09:49:46 | 000,669,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgemcx.exe PRC - [2014-12-18 09:47:42 | 001,071,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgnsx.exe PRC - [2014-12-18 09:47:18 | 000,884,240 | ---- | M] (AVG Technologies CZ, s.r.o.) 
-- c:\Program Files\AVG\AVG2015\avgrsx.exe PRC - [2014-12-18 09:45:26 | 000,298,080 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgwdsvc.exe PRC - [2014-12-18 09:44:26 | 000,691,216 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgcsrvx.exe PRC - [2014-12-06 02:50:53 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2014-10-01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe PRC - [2014-03-30 12:48:17 | 000,246,112 | ---- | M] () -- C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe PRC - [2014-03-18 12:45:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2013-08-05 17:42:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\OTL.exe PRC - [2011-05-28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe PRC - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe PRC - [2011-03-14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-09-08 08:47:52 | 000,832,512 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2009-09-07 19:42:04 | 000,093,184 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe PRC - [2009-08-23 13:47:34 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) 
-- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe========== Modules (No Company Name) ========== MOD - [2014-12-06 02:50:51 | 014,913,352 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll MOD - [2014-12-06 02:50:50 | 009,009,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll MOD - [2014-12-06 02:50:44 | 001,677,128 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll MOD - [2014-02-10 12:44:24 | 004,592,128 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libGLESv2.dll MOD - [2014-02-10 12:44:24 | 000,112,128 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libEGL.dll MOD - [2011-10-28 17:13:36 | 000,162,816 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\LAV\libbluray.dll MOD - [2011-10-28 17:13:24 | 006,034,229 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\LAV\avcodec-lav-53.dll MOD - [2011-10-28 17:13:24 | 000,962,568 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\LAV\avformat-lav-53.dll MOD - [2011-10-28 17:13:24 | 000,221,581 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\LAV\avutil-lav-51.dll MOD - [2011-10-28 09:00:00 | 003,578,880 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax MOD - [2011-05-28 14:47:00 | 000,127,376 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\ASCv4ExtMenu.dll MOD - [2006-08-12 12:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll========== Services (SafeList) ========== SRV - [2014-12-19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2014-12-18 16:05:58 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- 
C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014-12-18 09:54:30 | 003,432,976 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2015\avgidsagent.exe -- (AVGIDSAgent) SRV - [2014-12-18 09:45:26 | 000,298,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2015\avgwdsvc.exe -- (avgwd) SRV - [2014-12-09 09:51:34 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-10-01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2014-10-01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2014-03-30 12:48:17 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. 
RunOuc) SRV - [2014-03-19 14:59:13 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService) SRV - [2013-10-23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013-05-27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2011-05-28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService) SRV - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe) SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)========== Driver Services (SafeList) ========== DRV - [2014-12-30 15:24:49 | 000,114,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV - [2014-12-08 21:25:06 | 000,208,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2014-11-18 21:41:58 | 000,154,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2014-10-13 09:58:21 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2014-10-10 15:13:58 | 000,200,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2014-10-05 20:42:06 | 000,098,584 | ---- | M] (AVG Technologies CZ, s.r.o.) 
[File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2014-10-01 11:11:24 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl) DRV - [2014-10-01 11:11:10 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2014-08-28 20:43:36 | 000,192,792 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2014-07-18 14:55:24 | 000,230,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx) DRV - [2014-06-18 20:03:36 | 000,027,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2014-06-18 20:03:34 | 000,121,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgdiskx.sys -- (Avgdiskx) DRV - [2014-06-18 20:03:34 | 000,021,272 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2014-03-30 12:48:28 | 000,186,880 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juwwanecm.sys -- (huawei_wwanecm) DRV - [2014-03-30 12:48:28 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV - [2014-03-30 12:48:27 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2014-03-30 12:48:27 | 000,089,856 | ---- | M] (Huawei Technologies Co., Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV - [2014-03-30 12:48:27 | 000,073,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2014-03-30 12:48:27 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl) DRV - [2014-03-30 12:48:26 | 000,195,200 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2011-12-12 19:32:24 | 002,228,224 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2010-11-20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD) DRV - [2009-10-06 22:49:56 | 000,038,400 | ---- | M] (Samsung Electronics Co., Ltd.) 
[Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DgivEcp.sys -- (DgiVecp) DRV - [2009-08-10 10:43:34 | 000,237,696 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMC326.sys -- (VMC326) DRV - [2009-08-06 09:34:28 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.sys -- (SSPORT) DRV - [2009-07-14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009-07-13 23:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)========== Standard Registry (SafeList) ==================== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ========== FF - prefs.js..browser.search.isUS: false FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll 
(Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014-12-12 10:09:25 | 000,000,000 | ---D | M] [2014-03-18 10:03:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Extensions [2014-12-30 11:17:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profileskjytwj5j.default\extensions [2014-12-30 11:17:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profileskjytwj5j.default\extensions\staged [2014-12-09 09:51:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2014-12-09 09:51:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}========== Chrome ========== CHR - default_search_provider: (Enabled) CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - plugin: Error reading preferences file CHR - Extension: No name found = 
C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\ CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdifnhiliocdiomkphonngpedadhinof\1.0.1_0\ CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhaaapflafeapcmgbphlmealldkomfbe\2.0.2_0\ CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn\3.10_0\ CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found. O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{010EDF8C-597D-43AA-890D-E2BB6F6D2E09}: NameServer = 89.108.202.21 89.108.195.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2FAEA63B-1B66-4AB4-86EC-E65DD5AA0A23}: NameServer = 62.233.233.233 87.204.204.204 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7124C992-D094-459D-99BE-99EBC10D3D5F}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AD6D7D73-25E5-4841-A460-85FD57F607AB}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{5bab3835-e8bf-11e3-b708-00245407d247}\Shell - "" = AutoRun O33 - MountPoints2\{5bab3835-e8bf-11e3-b708-00245407d247}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{5bab3838-e8bf-11e3-b708-00245407d247}\Shell - "" = AutoRun O33 - MountPoints2\{5bab3838-e8bf-11e3-b708-00245407d247}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{aabd24c2-b800-11e3-ac7f-00245407d247}\Shell - "" = AutoRun O33 - MountPoints2\{aabd24c2-b800-11e3-ac7f-00245407d247}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{aabd24df-b800-11e3-ac7f-00245407d247}\Shell - "" = AutoRun O33 - MountPoints2\{aabd24df-b800-11e3-ac7f-00245407d247}\Shell\AutoRun\command - "" = E:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)========== Files/Folders - Created Within 30 Days ========== [2014-12-30 15:21:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\OTL.exe [2014-12-30 13:08:10 | 000,114,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-12-30 13:07:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [2014-12-30 13:07:07 | 000,075,480 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys [2014-12-30 13:07:07 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys [2014-12-30 13:07:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes 
Anti-Malware [2014-12-30 11:51:19 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.android [2014-12-30 11:17:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\WebTest [2014-12-29 12:16:14 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~BT [2014-12-28 13:44:06 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\AVG2015 [2014-12-28 13:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2014-12-28 13:43:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\TuneUp Software [2014-12-28 13:42:01 | 000,000,000 | -H-D | C] -- C:\$AVG [2014-12-28 13:42:01 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2015 [2014-12-28 13:40:52 | 000,000,000 | ---D | C] -- C:\Program Files\AVG [2014-12-28 13:36:16 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Avg2015 [2014-12-28 13:35:26 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2014-12-28 13:35:26 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\MFAData [2014-12-28 13:35:26 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2014-12-28 13:35:26 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Avg2014 [2014-12-09 10:20:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\DO ASTRY H [2014-12-09 09:51:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2014-12-08 21:25:06 | 000,208,152 | ---- | C] (AVG Technologies CZ, s.r.o.) 
-- C:\Windows\System32\drivers\avgidsdriverx.sys [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]========== Files - Modified Within 30 Days ========== [2014-12-30 15:24:49 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-12-30 15:24:47 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-12-30 15:07:39 | 000,740,672 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2014-12-30 15:07:39 | 000,654,464 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2014-12-30 15:07:39 | 000,156,214 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2014-12-30 15:07:39 | 000,122,336 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2014-12-30 15:03:30 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-12-30 14:59:48 | 000,030,960 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-12-30 14:59:48 | 000,030,960 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-12-30 14:53:01 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-12-30 14:51:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-12-30 14:51:49 | 797,777,920 | -HS- | M] () -- C:\hiberfil.sys [2014-12-30 13:07:17 | 000,001,030 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2014-12-30 11:37:31 | 000,002,101 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014-12-30 11:35:55 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2014-12-29 14:19:10 | 000,000,266 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2014-12-29 12:16:25 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml [2014-12-29 12:16:25 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml [2014-12-28 13:43:04 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\AVG 
2015.lnk [2014-12-18 16:05:58 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2014-12-18 16:05:58 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2014-12-18 00:01:37 | 000,023,552 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-12-08 21:25:06 | 000,208,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]========== Files Created - No Company Name ========== [2014-12-30 13:07:17 | 000,001,030 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2014-12-29 12:15:53 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml [2014-12-29 12:15:53 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml [2014-12-28 13:43:04 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2015.lnk [2014-12-28 12:57:22 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2014-09-26 15:20:52 | 000,284,866 | ---- | C] () -- C:\Users\Mateusz\Wyrejestrowanie pojazdu.pdf [2014-04-23 17:43:09 | 000,126,512 | ---- | C] () -- C:\Windows\Wiainst.exe [2014-04-23 17:40:56 | 000,053,248 | ---- | C] () -- C:\Windows\System32\Ssusbpn.dll [2014-04-23 17:40:55 | 000,577,536 | ---- | C] () -- C:\Windows\System32\SnMinDrv.dll [2014-04-23 17:40:55 | 000,415,232 | ---- | C] () -- C:\Windows\System32\SNWIAUI.dll [2014-04-23 17:40:55 | 000,135,168 | ---- | C] () -- C:\Windows\System32\SnImgFlt.dll [2014-04-23 17:40:55 | 000,073,728 | ---- | C] () -- C:\Windows\System32\SnErHdlr.dll [2014-04-23 17:40:39 | 001,571,160 | ---- | C] () -- C:\Windows\TotalUninstaller.exe [2014-04-23 17:37:25 | 000,010,577 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\SmarThruOptions.xml [2014-04-23 17:36:56 | 000,036,864 | ---- | C] () -- C:\Windows\System32\SvcMan.exe [2014-04-23 17:36:17 | 000,172,032 | ---- | C] () -- 
C:\Windows\System32\SecSNMP.dll [2014-04-23 17:35:44 | 000,000,124 | ---- | C] () -- C:\Windows\Readiris.ini [2014-04-23 17:35:37 | 000,023,040 | ---- | C] () -- C:\Windows\System32\irisco32.dll [2014-03-19 17:02:07 | 000,023,552 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-03-18 11:26:38 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll [2014-03-18 11:26:32 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2014-03-18 11:26:32 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2014-03-18 11:26:31 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2014-03-18 10:03:34 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat========== ZeroAccess Check ========== [2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both========== LOP Check ========== [2014-12-28 13:44:06 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\AVG2015 [2014-09-26 15:12:11 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\com.efile.fillup 
[2014-12-30 15:06:53 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite [2014-09-26 15:11:12 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\fillUp [2014-03-18 11:34:48 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\IObit [2014-10-13 10:00:32 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Opera Software [2014-03-18 13:43:22 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Oracle [2014-10-13 09:57:59 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\RHEng [2014-04-23 17:48:15 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Samsung [2014-04-23 17:37:30 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\SmarThru4 [2014-12-28 13:43:03 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\TuneUp Software [2014-12-30 15:06:53 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\uTorrent [2014-06-20 19:47:43 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\VOS [2014-12-30 11:17:00 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\WebTest========== Purity Check ========== < End of report > [/log][/spoiler] Extras: [spoiler][log]OTL Extras logfile created on: 2014-12-30 15:22:19 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mateusz\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16428) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1014,43 Mb Total Physical Memory | 123,40 Mb Available Physical Memory | 12,16% Memory free 1,99 Gb Paging File | 0,95 Gb Available in Paging File | 47,79% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 71,04 Gb Total Space | 52,72 Gb Free Space | 74,20% Space Free | Partition Type: NTFS Drive D: | 72,00 Gb Total Space | 35,24 Gb Free Space | 
48,94% Space Free | Partition Type: NTFS Computer Name: N110 | User Name: Mateusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Extra Registry (SafeList) ==================== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0========== Authorized Applications List ==================== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0012F0E7-3766-4AF3-AA65-8685995C6A5A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe | "{083B597A-D8EB-40BA-96E3-80AE0C3BB45B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{08E54762-2463-4E36-BE3D-015F02B58D7C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{159E4E08-DA10-4D7F-810D-D158C81FB37C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{222A86B0-07B4-40FE-A13F-ABF9B0DAE1CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2EF209A3-BF07-4DEF-B8F8-B92E843586A2}" = lport=10243 | protocol=6 | dir=in | app=system | "{309FC4AC-71D9-44D1-BF83-76863DD98B65}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{31E0A532-6164-40E4-AB5E-467CE2A91C23}" = lport=2869 | protocol=6 | dir=in | app=system | "{36E8388C-86FB-4DB2-9889-392B6758D8D4}" = rport=445 | protocol=6 | dir=out | app=system | "{3F38DBD4-05FA-49AA-9F3D-A96421030012}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{54BB1A42-27A9-412E-A239-D25F5CE217DB}" = lport=139 | protocol=6 | dir=in | app=system | "{583426DF-F715-44D9-B5DE-F0B8C7AB5A89}" = rport=10243 | protocol=6 | dir=out | app=system | "{6306ECF8-42A8-499B-BC04-7B1FDE187F24}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{6AEB7F5A-0A20-4368-B265-2A419C876441}" = rport=139 | protocol=6 | dir=out | app=system | "{6B007129-6DC6-4D13-A9F5-AF0AE400A0C5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{765FFC4B-AC89-43CF-A340-A68D790ECF40}" = lport=138 | protocol=17 | dir=in | app=system | "{82DD4CCD-6821-45DF-8E91-8CD0F425C017}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{971048D8-72C4-49B3-B192-CBBECDD17DC3}" = rport=138 | protocol=17 | dir=out | app=system | "{BF3B29CC-802F-472B-8A68-1C837F2F24EF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BF9D6D1C-8579-41BC-B3AB-E61A09292DE5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D7F08431-AF49-45E0-A875-96B55649F9E9}" = rport=137 | protocol=17 | 
dir=out | app=system | "{DCB302D8-E2B9-430D-B398-7E26F59A805A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{DF9846CD-F684-4387-8D19-2A9BE2D89023}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | "{E6859EC0-E1BD-462C-9AD8-26A9119BA3DA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{ECDB0CD6-B22E-4B93-B6F9-EFB2574BB9AC}" = lport=445 | protocol=6 | dir=in | app=system | "{FD0E61E4-7C6B-44A9-A658-E10AEB055503}" = lport=137 | protocol=17 | dir=in | app=system |========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0CE0D441-AD6F-4B5E-B31E-27553BFF668C}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung universal scan driver\scancdlm.exe | "{0E7DC139-CA54-4127-B33C-1645FB40F4B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{1B3D15FD-C13D-4A61-B963-11562FA49D22}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{1C02A1BC-BFC0-4CA5-83C9-337DB6929A0F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{2316260A-48F0-41D4-AAFE-F04434FF0A41}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{2DC9A7ED-C5AB-4ACF-A4FB-29F4F5139060}" = protocol=6 | dir=in | app=c:\program files\avg\avg2015\avgmfapx.exe | "{33CC2F68-A68F-4F78-98D7-691047F4E50E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{379E710B-7D82-4970-A624-8F92413D6398}" = protocol=6 | dir=out | app=system | "{3FA6FDB1-C1A1-4D26-AAC1-D004F7641A3D}" = protocol=6 | dir=in | app=c:\program files\avg\avg2015\avgdiagex.exe | "{4B0F67AE-BF11-4BFC-BE97-BDA0D8D18B0F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4FF9A677-10E8-450F-9700-E6954837F122}" = protocol=6 | dir=in | 
app=%programfiles%\windows media player\wmpnetwk.exe | "{51FB141E-2675-4C75-8E30-7EBE531190AC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{5462B4A1-ACB8-4D38-86E1-FD049EF591DA}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung universal scan driver\scancdlm.exe | "{57C2D9B4-A45C-4EA6-89E3-7B63B9180868}" = protocol=6 | dir=in | app=c:\users\mateusz\appdata\roaming\utorrent\utorrent.exe | "{5BFC9913-D750-4E3D-91F8-5ABDCDD51F3E}" = protocol=17 | dir=in | app=c:\users\mateusz\appdata\roaming\utorrent\utorrent.exe | "{636C7C26-76DC-4770-B65E-A83D4BCD526B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{810DF325-1CF3-4319-A9B7-4DBE2EBE570F}" = protocol=6 | dir=in | app=c:\program files\avg\avg2015\avgnsx.exe | "{8A17D415-F0FC-4330-968E-8682A7485016}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{97189800-FAB0-4144-8CFB-9210847468AF}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung universal scan driver\iccupdater.exe | "{98384A26-EA5C-4578-BBAF-F3198F6C517E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{9E5702AF-33E2-4DB6-9E44-85EFEC2C6809}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{A18E3690-552B-4521-9560-76558517CFBA}" = protocol=17 | dir=in | app=c:\program files\avg\avg2015\avgmfapx.exe | "{AD28CD82-F184-4012-A419-64DB48357A4C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{C03D4AEF-978D-4959-BB87-8BA23AD43354}" = protocol=17 | dir=in | app=c:\program files\avg\avg2015\avgnsx.exe | "{C1953295-044E-4290-A2AB-9E4B752A5305}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{CAD99583-EBF1-45BF-9BE8-380F705968F5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{CCFA9D29-A6E1-4EBC-AC0B-60A7DB6F9DCB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{CECCE4FC-24B9-4AAF-88E5-4551BEB20627}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D28871E2-3BA0-40AD-AE5B-86F58EF8A786}" = protocol=17 | dir=in | app=c:\program files\avg\avg2015\avgemcx.exe | "{D7215B99-E72B-4F5D-839F-B586170ABE7C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E087933A-BD92-4006-B175-23049C3A88ED}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{E6B5FFD5-926E-419D-91CC-A5777EDE9D71}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{EC34D631-C6B5-49F6-9FF6-5136FA5D2023}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F1310822-BC93-4783-92A2-D06217A05834}" = protocol=6 | dir=in | app=c:\program files\avg\avg2015\avgemcx.exe | "{F5FD8CDA-DDEE-4C9F-8BCF-6B208050042A}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{FD684887-5640-4A58-95FE-F86B70EE3006}" = protocol=17 | dir=in | app=c:\program files\avg\avg2015\avgdiagex.exe | "{FDCFB155-00CE-4C86-98F5-EF532CFEE757}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung universal scan driver\iccupdater.exe |========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00CCF705-D246-4F7E-BA80-E1DB2C7EB365}" = AVG 2015 "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4 "{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10 "{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager "{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager "{26A24AE4-039D-4CA4-87B4-2F03217071FF}" = Java 7 Update 71 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program "{2899E9E8-3A15-4333-9CE3-BFEF57889F50}" = AVG 2015 "{2DDC70C1-C77A-4D08-89D2-9AB648504533}" = Easy Content Share "{45535A5E-1F81-4F35-BE1D-43D10A7D03B4}" = Easy Resolution Manager "{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET 
Framework 4.5.1 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}" = Samsung Support Center "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{71A51B59-E7D3-11DB-A386-005056C00008}" = Namuga 1.3M Webcam "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14 "{7BBAEC47-1CC0-4CB8-ADB4-531B78DBD1DD}" = Adobe AIR "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{885843E7-6CAC-4791-B7BF-1CD516017954}_is1" = DLL Suite 2013 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90F1943D-EA4A-4460-B59F-30023F3BA69A}" = SmarThru 4 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1 "{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables 
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager "{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Polish "{B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}" = Easy Network Manager "{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide "{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus "{D4A8DDEF-CE67-4466-9A68-9C93D7322CEB}_is1" = fillUp Przyjazne formularze "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe AIR" = Adobe AIR "Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI "Adobe Shockwave Player" = Adobe Shockwave Player 12.1 "Advanced SystemCare 4_is1" = Advanced SystemCare 4 "AVG" = AVG 2015 "DAEMON Tools Lite" = DAEMON Tools Lite "ENTERPRISE" = Microsoft Office Enterprise 2007 "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.20 "Google Chrome" = Google Chrome "HDMI" = Intel(R) Graphics Media Accelerator Driver "Icy Tower v1.5.1_is1" = Icy Tower v1.5.1 "KLiteCodecPack_is1" = K-Lite Codec Pack 7.9.0 (Full) "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.0.3.1025 "Mozilla Firefox 34.0.5 (x86 pl)" = Mozilla Firefox 34.0.5 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Opera 26.0.1656.60" = Opera Stable 26.0.1656.60 "PLAY ONLINE" = PLAY ONLINE "Revo Uninstaller" = Revo Uninstaller 1.89 "Samsung Universal Scan Driver" = Samsung Universal Scan Driver "SynTPDeinstKey" = Synaptics Pointing Device Driver "The KMPlayer" = The KMPlayer (remove only) "WinRAR archiver" = WinRAR 5.11 (32-bit)========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "uTorrent" = µTorrent========== Last 20 Event Log Errors ========== [ Application Events ] Error - 2014-12-29 07:08:54 | Computer Name = N110 | Source = WinMgmt | ID = 10 Description = Error - 2014-12-29 
09:39:31 | Computer Name = N110 | Source = WinMgmt | ID = 10 Description = Error - 2014-12-29 10:19:10 | Computer Name = N110 | Source = WinMgmt | ID = 10 Description = Error - 2014-12-29 12:57:56 | Computer Name = N110 | Source = WinMgmt | ID = 10 Description = Error - 2014-12-30 05:24:22 | Computer Name = N110 | Source = WinMgmt | ID = 10 Description = Error - 2014-12-30 06:17:53 | Computer Name = N110 | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 34.0.5.5443, sygnatura czasowa: 0x5475dd5d Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 34.0.5.5443, sygnatura czasowa: 0x5475d664 Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x00001425 Identyfikator procesu powodującego błąd: 0x15e8 Godzina uruchomienia aplikacji powodującej błąd: 0x01d02419d6b33766 Ścieżka aplikacji powodującej błąd: C:\Program Files\Mozilla Firefox\plugin-container.exe Ścieżka modułu powodującego błąd: C:\Program Files\Mozilla Firefox\mozalloc.dll Identyfikator raportu: 1d299501-900d-11e4-870b-00245407d247 Error - 2014-12-30 06:56:51 | Computer Name = N110 | Source = VSS | ID = 8194 Description = Error - 2014-12-30 09:53:20 | Computer Name = N110 | Source = WinMgmt | ID = 10 Description = Error - 2014-12-30 10:06:14 | Computer Name = N110 | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "F:\Mateusz\Portable\CCleaner Portable\ccsetup410\CCleaner64.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-12-30 10:18:21 | Computer Name = N110 | Source = Application Hang | ID = 1002 Description = Program OTL.exe w wersji 3.2.69.0 zatrzymał interakcję z systemem Windows i został zamknięty. 
Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 111c Godzina rozpoczęcia: 01d0243aac4dc15a Godzina zakończenia: 31 Ścieżka aplikacji: F:\OTL\OTL.exe Identyfikator raportu: [ System Events ] Error - 2014-12-29 12:56:57 | Computer Name = N110 | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error - 2014-12-29 12:56:57 | Computer Name = N110 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error - 2014-12-29 12:57:48 | Computer Name = N110 | Source = WMPNetworkSvc | ID = 866300 Description = Error - 2014-12-30 05:23:03 | Computer Name = N110 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi DgiVecp z powodu następującego błędu: %%20 Error - 2014-12-30 05:23:10 | Computer Name = N110 | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error - 2014-12-30 05:23:10 | Computer Name = N110 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error - 2014-12-30 06:19:16 | Computer Name = N110 | Source = Service Control Manager | ID = 7034 Description = Usługa WindowsMangerProtect Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2014-12-30 09:52:10 | Computer Name = N110 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi DgiVecp z powodu następującego błędu: %%20 Error - 2014-12-30 09:52:29 | Computer Name = N110 | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. 
Error - 2014-12-30 09:52:29 | Computer Name = N110 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 < End of report > [/log][/spoiler]
I reset the browsers, changed the target paths and the start pages, and uninstalled this program along with all the extensions and add-ons related to it. I used AVG, Malwarebytes and CCleaner, and nothing helped: this thing still shows up in Firefox and IE.
Zayfi (comment, 30 December 2014): All very nice, except the spoilers don't open. Paste the logs on wklej.org.
Mateusz 935 (author, comment, 30 December 2014): Strange. It works for me. Pasting them now. http://wklej.org/id/1580150/ http://wklej.org/id/1580151/
Mateusz 935 (author, comment, 1 January 2015): I removed every program and add-on I could, and yet the start page in Firefox and IE is still omiga. Manually changing the start page doesn't help, nor does resetting the browser; even deleting the line responsible for omiga in the properties didn't help.
Zayfi (comment, 2 January 2015): Make logs with FRST: http://www.fixitpc.pl/topic/61-diagnostyka-og%C3%B3lne-raporty-systemowe/#entry119294
Mateusz 935 (author, comment, 2 January 2015): Reinstalling the browsers helped.